function myGetValue($fldname) { $val = formData($fldname, 'G', true); if ($val == 'undefined') { $val = ''; } return $val; }
function lab_results_messages($set_pid, $rid, $provider_id = "") { if ($provider_id != "") { $where = "AND id = '" . $provider_id . "'"; } // Get all active users. $rez = sqlStatement("select id, username from users where username != '' AND active = '1' {$where}"); for ($iter = 0; $row = sqlFetchArray($rez); $iter++) { $result[$iter] = $row; } if (!empty($result)) { foreach ($result as $user_detail) { unset($thisauth); // Make sure it is empty. // Check user authorization. Only send the panding review message to authorised user. // $thisauth = acl_check('patients', 'sign', $user_detail['username']); // Route message to administrators if there is no provider match. if ($provider_id == "") { $thisauth = acl_check('admin', 'super', $user_detail['username']); } else { $thisauth = true; } if ($thisauth) { // Send lab result message to the ordering provider when there is a new lab report. $userauthorized = formData("userauthorized"); $pname = getPatientName($set_pid); $link = "<a href='../../orders/orders_results.php?review=1&set_pid={$set_pid}'" . " onclick='return top.restoreSession()'>here</a>"; $note = "Patient {$pname}'s lab results have arrived. Please click {$link} to review them.<br/>"; $note_type = "Lab Results"; $message_status = "New"; // Add pnote. $noteid = addPnote($set_pid, $note, $userauthorized, '1', $note_type, $user_detail['username']); sqlQ("update pnotes set message_status='" . $message_status . "' where id = '{$noteid}'"); } } } }
<?php // Copyright (C) 2009 Rod Roark <*****@*****.**> // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. require_once "../../globals.php"; require_once "{$srcdir}/acl.inc"; require_once "{$srcdir}/options.inc.php"; require_once "{$srcdir}/patient.inc"; $CPR = 4; // cells per row // The form name is passed to us as a GET parameter. $formname = formData('formname', 'G'); $tmp = sqlQuery("SELECT title FROM list_options WHERE " . "list_id = 'lbfnames' AND option_id = '{$formname}' LIMIT 1"); $formtitle = $tmp['title']; $fres = sqlStatement("SELECT * FROM layout_options " . "WHERE form_id = '{$formname}' AND uor > 0 " . "ORDER BY group_name, seq"); ?> <html> <head> <?php html_header_show(); ?> <style> body, td { font-family: Arial, Helvetica, sans-serif; font-weight: normal; font-size: 9pt;
<?php include_once "../globals.php"; require_once "{$srcdir}/formdata.inc.php"; $_SESSION["encounter"] = ""; // Fetching the password expiration date if ($GLOBALS['password_expiration_days'] != 0) { $is_expired = false; $q = formData('authUser', 'P'); $result = sqlStatement("select pwd_expiration_date from users where username = '******'"); $current_date = date("Y-m-d"); $pwd_expires_date = $current_date; if ($row = sqlFetchArray($result)) { $pwd_expires_date = $row['pwd_expiration_date']; } // Displaying the password expiration message (starting from 7 days before the password gets expired) $pwd_alert_date = date("Y-m-d", strtotime($pwd_expires_date . "-7 days")); if (strtotime($pwd_alert_date) != "" && strtotime($current_date) >= strtotime($pwd_alert_date) && (!isset($_SESSION['expiration_msg']) or $_SESSION['expiration_msg'] == 0)) { $is_expired = true; $_SESSION['expiration_msg'] = 1; // only show the expired message once } } if ($GLOBALS['athletic_team']) { $frame1url = "../reports/players_report.php?embed=1"; } else { if ($is_expired) { $frame1url = "pwd_expires_alert.php"; //php file which display's password expiration message. } elseif (isset($_GET['mode']) && $_GET['mode'] == "loadcalendar") { $frame1url = "calendar/index.php?pid=" . $_GET['pid'];
"); f.form_adreviewed.focus(); return false; } return true; } $(document).ready(function(){ $("#cancel").click(function() { window.close(); }); }); </script> </head> <body class="body_top"> <?php if ($_POST['form_yesno']) { sqlQuery("UPDATE patient_data SET completed_ad='" . formData('form_yesno', 'P', true) . "', ad_reviewed='" . formData('form_adreviewed', 'P', true) . "' where pid='{$pid}'"); // Close this window and refresh the calendar display. echo "<html>\n<body>\n<script language='JavaScript'>\n"; echo " if (!opener.closed && opener.refreshme) opener.refreshme();\n"; echo " window.close();\n"; echo "</script>\n</body>\n</html>\n"; exit; } $sql = "select completed_ad, ad_reviewed from patient_data where pid='{$pid}'"; $myrow = sqlQuery($sql); if ($myrow) { $form_completedad = $myrow['completed_ad']; $form_adreviewed = $myrow['ad_reviewed']; } ?> <span class="title"><?php
function DOBandEncounter() { global $event_date, $info_msg; // Save new DOB if it's there. $patient_dob = trim($_POST['form_dob']); if ($patient_dob && $_POST['form_pid']) { sqlStatement("UPDATE patient_data SET DOB = '{$patient_dob}' WHERE " . "pid = '" . $_POST['form_pid'] . "'"); } // Auto-create a new encounter if appropriate. // if ($GLOBALS['auto_create_new_encounters'] && $_POST['form_apptstatus'] == '@' && $event_date == date('Y-m-d')) { $tmprow = sqlQuery("SELECT count(*) AS count FROM form_encounter WHERE " . "pid = '" . $_POST['form_pid'] . "' AND date = '{$event_date} 00:00:00'"); if ($tmprow['count'] == 0) { $tmprow = sqlQuery("SELECT username, facility, facility_id FROM users WHERE id = '" . $_POST['form_provider'] . "'"); $username = $tmprow['username']; $facility = $tmprow['facility']; // $facility_id = $tmprow['facility_id']; // use the session facility if it is set, otherwise the one from the provider. $facility_id = $_SESSION['pc_facility'] ? $_SESSION['pc_facility'] : $tmprow['facility_id']; $conn = $GLOBALS['adodb']['db']; $encounter = $conn->GenID("sequences"); addForm($encounter, "New Patient Encounter", sqlInsert("INSERT INTO form_encounter SET " . "date = '{$event_date}', " . "onset_date = '{$event_date}', " . "reason = '" . formData("form_comments") . "', " . "facility = '{$facility}', " . "facility_id = '" . (int) $_POST['facility'] . "', " . "billing_facility = '" . (int) $_POST['billing_facility'] . "', " . "provider_id = '" . (int) $_POST['form_provider'] . "', " . "pid = '" . $_POST['form_pid'] . "', " . "encounter = '{$encounter}'"), "newpatient", $_POST['form_pid'], "1", "NOW()", $username); $info_msg .= "New encounter {$encounter} was created. "; } } }
{ $output = array(); $query = sqlStatement("SELECT " . implode(',', $fieldnames) . " FROM list_options where list_id = ? AND activity = 1 order by seq", array($list_id)); while ($ll = sqlFetchArray($query)) { foreach ($fieldnames as $val) { $output[$ll['option_id']][$val] = $ll[$val]; } } return $output; } $formid = formData('id', 'G') + 0; // If Save or Transmit was clicked, save the info. // if ($_POST['bn_save'] || $_POST['bn_xmit']) { $ppid = formData('form_lab_id') + 0; $sets = "date_ordered = " . QuotedOrNull(formData('form_date_ordered')) . ", " . "provider_id = " . (formData('form_provider_id') + 0) . ", " . "lab_id = " . $ppid . ", " . "date_collected = " . QuotedOrNull(formData('form_date_collected')) . ", " . "order_priority = '" . formData('form_order_priority') . "', " . "order_status = '" . formData('form_order_status') . "', " . "clinical_hx = '" . formData('form_clinical_hx') . "', " . "patient_instructions = '" . formData('form_patient_instructions') . "', " . "patient_id = '" . $pid . "', " . "encounter_id = '" . $encounter . "', " . "history_order= '" . formData('form_history_order') . "'"; // If updating an existing form... // if ($formid) { $query = "UPDATE procedure_order SET {$sets} " . "WHERE procedure_order_id = '{$formid}'"; sqlStatement($query); } else { $query = "INSERT INTO procedure_order SET {$sets}"; $formid = sqlInsert($query); addForm($encounter, "Procedure Order", $formid, "procedure_order", $pid, $userauthorized); } // Remove any existing procedures and their answers for this order and // replace them from the form. sqlStatement("DELETE FROM procedure_answers WHERE procedure_order_id = ?", array($formid)); sqlStatement("DELETE FROM procedure_order_code WHERE procedure_order_id = ?", array($formid)); for ($i = 0; isset($_POST['form_proc_type'][$i]); ++$i) {
} } function end_group() { global $last_group; if (strlen($last_group) > 0) { end_row(); echo " </table>\n"; // No div for an empty group name. if (strlen($last_group) > 1) { echo "</div>\n"; } } } $formname = formData('formname', 'G'); $formid = 0 + formData('id', 'G'); // Get title and number of history columns for this form. $tmp = sqlQuery("SELECT title, option_value FROM list_options WHERE " . "list_id = 'lbfnames' AND option_id = '{$formname}'"); $formtitle = $tmp['title']; $formhistory = 0 + $tmp['option_value']; $newid = 0; // If Save was clicked, save the info. // if ($_POST['bn_save']) { $sets = ""; $fres = sqlStatement("SELECT * FROM layout_options " . "WHERE form_id = '{$formname}' AND uor > 0 AND field_id != '' AND " . "edit_options != 'H' " . "ORDER BY group_name, seq"); while ($frow = sqlFetchArray($fres)) { $field_id = $frow['field_id']; $value = get_layout_form_value($frow); if ($formid) { // existing form
public static function batch_despatch($var, $func, $data_credentials) { global $pid; if (UserService::valid($data_credentials)) { require_once "../../library/invoice_summary.inc.php"; require_once "../../library/options.inc.php"; require_once "../../library/acl.inc"; require_once "../../library/patient.inc"; if ($func == 'ar_responsible_party') { $patient_id = $pid; $encounter_id = $var['encounter']; $x['ar_responsible_party'] = ar_responsible_party($patient_id, $encounter_id); return UserService::function_return_to_xml($x); } elseif ($func == 'getInsuranceData') { $type = $var['type']; $given = $var['given']; $x = getInsuranceData($pid, $type, $given); return UserService::function_return_to_xml($x); } elseif ($func == 'generate_select_list') { $tag_name = $var['tag_name']; $list_id = $var['list_id']; $currvalue = $var['currvalue']; $title = $var['title']; $empty_name = $var['empty_name']; $class = $var['class']; $onchange = $var['onchange']; $x['generate_select_list'] = generate_select_list($tag_name, $list_id, $currvalue, $title, $empty_name, $class, $onchange); return UserService::function_return_to_xml($x); } elseif ($func == 'xl_layout_label') { $constant = $var['constant']; $x['xl_layout_label'] = xl_layout_label($constant); return UserService::function_return_to_xml($x); } elseif ($func == 'generate_form_field') { $frow = $var['frow']; $currvalue = $var['currvalue']; ob_start(); generate_form_field($frow, $currvalue); $x['generate_form_field'] = ob_get_contents(); ob_end_clean(); return UserService::function_return_to_xml($x); } elseif ($func == 'getInsuranceProviders') { $i = $var['i']; $provider = $var['provider']; $insurancei = getInsuranceProviders(); $x = $insurancei; return $x; } elseif ($func == 'get_layout_form_value') { $frow = $var['frow']; $_POST = $var['post_array']; $x['get_layout_form_value'] = get_layout_form_value($frow); return UserService::function_return_to_xml($x); } elseif ($func == 'updatePatientData') { $patient_data = $var['patient_data']; $create = $var['create']; updatePatientData($pid, $patient_data, $create); $x['ok'] = 'ok'; return UserService::function_return_to_xml($x); } elseif ($func == 'updateEmployerData') { $employer_data = $var['employer_data']; $create = $var['create']; updateEmployerData($pid, $employer_data, $create); $x['ok'] = 'ok'; return UserService::function_return_to_xml($x); } elseif ($func == 'newHistoryData') { newHistoryData($pid); $x['ok'] = 'ok'; return UserService::function_return_to_xml($x); } elseif ($func == 'newInsuranceData') { $_POST = $var[0]; foreach ($var as $key => $value) { if ($key >= 3) { $var[$key] = formData($value); } if ($key >= 1) { $parameters[$key] = $var[$key]; } } $parameters[12] = fixDate($parameters[12]); $parameters[27] = fixDate($parameters[27]); call_user_func_array('newInsuranceData', $parameters); $x['ok'] = 'ok'; return UserService::function_return_to_xml($x); } elseif ($func == 'generate_layout_validation') { $form_id = $var['form_id']; ob_start(); generate_layout_validation($form_id); $x = ob_get_clean(); return $x; } } else { throw new SoapFault("Server", "credentials failed"); } }
/** * search events */ function postcalendar_user_search() { if (!(bool) PC_ACCESS_OVERVIEW) { return _POSTCALENDARNOAUTH; } $tpl = new pcSmarty(); $k = formData("pc_keywords", "R"); //from library/formdata.inc.php $k_andor = pnVarCleanFromInput('pc_keywords_andor'); $pc_category = pnVarCleanFromInput('pc_category'); $pc_facility = pnVarCleanFromInput('pc_facility'); $pc_topic = pnVarCleanFromInput('pc_topic'); $submit = pnVarCleanFromInput('submit'); $event_dur_hours = pnVarCleanFromInput('event_dur_hours'); $event_dur_minutes = pnVarCleanFromInput('event_dur_minutes'); $start = pnVarCleanFromInput('start'); $end = pnVarCleanFromInput('end'); // get list of categories for the user to choose from $categories = postcalendar_userapi_getCategories(); $cat_options = ''; foreach ($categories as $category) { $selected = ""; if ($pc_category == $category[id]) { $selected = " SELECTED "; } //modified 8/09 by BM to allow translation if applicable $cat_options .= "<option value=\"{$category['id']}\" {$selected}>" . xl_appt_category($category[name]) . "</option>"; } $tpl->assign_by_ref('CATEGORY_OPTIONS', $cat_options); $tpl->assign('event_dur_hours', $event_dur_hours); $tpl->assign('event_dur_minutes', $event_dur_minutes); // create default start and end dates for the search form if (isset($start) && $start != "") { $tpl->assign('DATE_START', $start); } else { $tpl->assign('DATE_START', date("m/d/Y")); } if (isset($end) && $end != "") { $tpl->assign('DATE_END', $end); } else { $tpl->assign('DATE_END', date("m/d/Y", strtotime("+7 Days", time()))); } // then override the setting if we have a value from the submitted form $ProviderID = pnVarCleanFromInput("provider_id"); if (is_numeric($ProviderID)) { $tpl->assign('ProviderID', $ProviderID); } elseif ($ProviderID == "_ALL_") { } else { $tpl->assign('ProviderID', ""); } $provinfo = getProviderInfo(); $tpl->assign('providers', $provinfo); // build a list of provider-options for the select box on the input form -- JRM $provider_options = "<option value='_ALL_' "; if ($ProviderID == "_ALL_") { $provider_options .= " SELECTED "; } $provider_options .= ">" . xl('All Providers') . "</option>"; foreach ($provinfo as $provider) { $selected = ""; // if we don't have a ProviderID chosen, pick the first one from the // pc_username Session variable if ($ProviderID == "") { // that variable stores the 'username' and not the numeric 'id' if ($_SESSION['pc_username'][0] == $provider['username']) { $selected = " SELECTED "; } } else { if ($ProviderID == $provider['id']) { $selected = " SELECTED "; } } $provider_options .= "<option value=\"" . $provider['id'] . "\" " . $selected . ">"; $provider_options .= $provider['lname'] . ", " . $provider['fname'] . "</option>"; } $tpl->assign_by_ref('PROVIDER_OPTIONS', $provider_options); // build a list of facility options for the select box on the input form -- JRM $facilities = getFacilities(); $fac_options = "<option value=''>" . xl('All Facilities') . "</option>"; foreach ($facilities as $facility) { $selected = ""; if ($facility['id'] == $pc_facility) { $selected = " SELECTED "; } $fac_options .= "<option value=\"" . $facility['id'] . "\" " . $selected . ">"; $fac_options .= $facility['name'] . "</option>"; } $tpl->assign_by_ref('FACILITY_OPTIONS', $fac_options); $PatientID = pnVarCleanFromInput("patient_id"); // limit the number of results returned by getPatientPID // this helps to prevent the server from stalling on a request with // no PID and thousands of PIDs in the database -- JRM // the function getPatientPID($pid, $given, $orderby, $limit, $start) <-- defined in library/patient.inc $plistlimit = 500; if (is_numeric($PatientID)) { $tpl->assign('PatientList', getPatientPID(array('pid' => $PatientID, 'limit' => $plistlimit))); } else { $tpl->assign('PatientList', getPatientPID(array('limit' => $plistlimit))); } $event_endday = pnVarCleanFromInput("event_endday"); $event_endmonth = pnVarCleanFromInput("event_endmonth"); $event_endyear = pnVarCleanFromInput("event_endyear"); $event_startday = pnVarCleanFromInput("event_startday"); $event_startmonth = pnVarCleanFromInput("event_startmonth"); $event_startyear = pnVarCleanFromInput("event_startyear"); if ($event_startday > $event_endday) { $event_endday = $event_startday; } if ($event_startmonth > $event_endmonth) { $event_endmonth = $event_startmonth; } if ($event_startyear > $event_endyear) { $event_endyear = $event_startyear; } $tpl->assign('patient_id', $PatientID); $tpl->assign('provider_id', $ProviderID); $tpl->assign("event_category", pnVarCleanFromInput("event_category")); $tpl->assign("event_subject", pnVarCleanFromInput("event_subject")); $output = new pnHTML(); $output->SetOutputMode(_PNH_RETURNOUTPUT); if (_SETTING_USE_INT_DATES) { $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday)); $formdata = $output->FormSelectMultiple('event_startday', $sel_data); $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth)); $formdata .= $output->FormSelectMultiple('event_startmonth', $sel_data); } else { $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_startmonth)); $formdata = $output->FormSelectMultiple('event_startmonth', $sel_data); $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_startday)); $formdata .= $output->FormSelectMultiple('event_startday', $sel_data); } $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_startyear)); $formdata .= $output->FormSelectMultiple('event_startyear', $sel_data); $output->SetOutputMode(_PNH_KEEPOUTPUT); $tpl->assign('SelectDateTimeStart', $formdata); $output->SetOutputMode(_PNH_RETURNOUTPUT); if (_SETTING_USE_INT_DATES) { $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday)); $formdata = $output->FormSelectMultiple('event_endday', $sel_data); $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth)); $formdata .= $output->FormSelectMultiple('event_endmonth', $sel_data); } else { $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildMonthSelect', array('pc_month' => $month, 'selected' => $event_endmonth)); $formdata = $output->FormSelectMultiple('event_endmonth', $sel_data); $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildDaySelect', array('pc_day' => $day, 'selected' => $event_endday)); $formdata .= $output->FormSelectMultiple('event_endday', $sel_data); } $sel_data = pnModAPIFunc(__POSTCALENDAR__, 'user', 'buildYearSelect', array('pc_year' => $year, 'selected' => $event_endyear)); $formdata .= $output->FormSelectMultiple('event_endyear', $sel_data); $output->SetOutputMode(_PNH_KEEPOUTPUT); $tpl->assign('SelectDateTimeEnd', $formdata); $output = null; if (_SETTING_DISPLAY_TOPICS) { $topics = postcalendar_userapi_getTopics(); $top_options = ''; foreach ($topics as $topic) { $top_options .= "<option value=\"{$topic['id']}\">{$topic['text']}</option>"; } $tpl->assign_by_ref('TOPIC_OPTIONS', $top_options); } //================================================================= // Find out what Template we're using //================================================================= $template_name = _SETTING_TEMPLATE; if (!isset($template_name)) { $template_name = 'default'; } //================================================================= // Output the search form //================================================================= $tpl->assign('FORM_ACTION', pnModURL(__POSTCALENDAR__, 'user', 'search')); //================================================================= // Perform the search if we have data //================================================================= if (!empty($submit) && strtolower($submit) == "find first") { // not sure how we get here... $searchargs = array(); $searchargs['start'] = pnVarCleanFromInput("event_startmonth") . "/" . pnVarCleanFromInput("event_startday") . "/" . pnVarCleanFromInput("event_startyear"); $searchargs['end'] = pnVarCleanFromInput("event_endmonth") . "/" . pnVarCleanFromInput("event_endday") . "/" . pnVarCleanFromInput("event_endyear"); $searchargs['provider_id'] = pnVarCleanFromInput("provider_id"); $searchargs['faFlag'] = true; //print_r($searchargs); //echo "<br />"; //set defaults to current week if empty if ($searchargs['start'] == "//") { $searchargs['start'] = date("m/d/Y"); } if ($searchargs['end'] == "//") { $searchargs['end'] = date("m/d/Y", strtotime("+7 Days", strtotime($searchargs['start']))); } //print_r($searchargs); $eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs); //print_r($eventsByDate); $found = findFirstAvailable($eventsByDate); $tpl->assign('available_times', $found); //print_r($_POST); $tpl->assign('SEARCH_PERFORMED', true); $tpl->assign('A_EVENTS', $eventsByDate); } if (!empty($submit) && strtolower($submit) == "listapps") { // not sure how we get here... $searchargs = array(); $searchargs['start'] = date("m/d/Y"); $searchargs['end'] = date("m/d/Y", strtotime("+1 year", strtotime($searchargs['start']))); $searchargs['patient_id'] = pnVarCleanFromInput("patient_id"); $searchargs['listappsFlag'] = true; $sqlKeywords .= "(a.pc_pid = '" . pnVarCleanFromInput("patient_id") . "' )"; $searchargs['s_keywords'] = $sqlKeywords; //print_r($searchargs); $eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs); //print_r($eventsByDate); $tpl->assign('appointments', $eventsByDate); //print_r($_POST); $tpl->assign('SEARCH_PERFORMED', true); $tpl->assign('A_EVENTS', $eventsByDate); } elseif (!empty($submit)) { // we get here by searching via the PostCalendar search $sqlKeywords = ''; $keywords = explode(' ', $k); // build our search query foreach ($keywords as $word) { if (!empty($sqlKeywords)) { $sqlKeywords .= " {$k_andor} "; } $sqlKeywords .= '('; $sqlKeywords .= "pd.lname LIKE '%{$word}%' OR "; $sqlKeywords .= "pd.fname LIKE '%{$word}%' OR "; $sqlKeywords .= "u.lname LIKE '%{$word}%' OR "; $sqlKeywords .= "u.fname LIKE '%{$word}%' OR "; $sqlKeywords .= "a.pc_title LIKE '%{$word}%' OR "; $sqlKeywords .= "a.pc_hometext LIKE '%{$word}%' OR "; $sqlKeywords .= "a.pc_location LIKE '%{$word}%'"; $sqlKeywords .= ') '; } if (!empty($pc_category)) { $s_category = "a.pc_catid = '{$pc_category}'"; } if (!empty($pc_topic)) { $s_topic = "a.pc_topic = '{$pc_topic}'"; } $searchargs = array(); if (!empty($sqlKeywords)) { $searchargs['s_keywords'] = $sqlKeywords; } if (!empty($s_category)) { $searchargs['s_category'] = $s_category; } if (!empty($s_topic)) { $searchargs['s_topic'] = $s_topic; } // some new search parameters introduced in the ajax_search form... JRM March 2008 // the ajax_search form has form parameters for 'start' and 'end' already built in // so use them if available $tmpDate = pnVarCleanFromInput("start"); if (isset($tmpDate) && $tmpDate != "") { $searchargs['start'] = pnVarCleanFromInput("start"); } else { $searchargs['start'] = "//"; } $tmpDate = pnVarCleanFromInput("end"); if (isset($tmpDate) && $tmpDate != "") { $searchargs['end'] = pnVarCleanFromInput("end"); } else { $searchargs['end'] = "//"; } // we can limit our search by provider -- JRM March 2008 if (isset($ProviderID) && $ProviderID != "") { // && $ProviderID != "_ALL_") { $searchargs['provider_id'] = array(); array_push($searchargs['provider_id'], $ProviderID); } $eventsByDate =& postcalendar_userapi_pcGetEvents($searchargs); // we can limit our search by facility -- JRM March 2008 if (isset($pc_facility) && $pc_facility != "") { $searchargs['pc_facility'] = $pc_facility; } //print_r($eventsByDate); $tpl->assign('SEARCH_PERFORMED', true); $tpl->assign('A_EVENTS', $eventsByDate); } $tpl->caching = false; $tpl->assign('STYLE', $GLOBALS['style']); $pageSetup =& pnModAPIFunc(__POSTCALENDAR__, 'user', 'pageSetup'); if (pnVarCleanFromInput("no_nav") == 1) { $return = $pageSetup . $tpl->fetch($template_name . '/user/findfirst.html'); } elseif (pnVarCleanFromInput("no_nav") == 2) { $return = $pageSetup . $tpl->fetch($template_name . '/user/listapps.html'); } else { $return = $pageSetup . $tpl->fetch($template_name . '/user/search.html'); } return $return; }
require_once "../../globals.php"; require_once "{$srcdir}/api.inc"; require_once "{$srcdir}/forms.inc"; require_once "{$srcdir}/formdata.inc.php"; if (!$encounter) { // comes from globals.php die(xlt("Internal error: we do not seem to be in an encounter!")); } if ($_POST["off_work_from"] == "0000-00-00" || $_POST["off_work_from"] == "") { $_POST["is_unable_to_work"] = "0"; $_POST["off_work_to"] = ""; } else { $_POST["is_unable_to_work"] = "1"; } if ($_POST["hospitalization_date_from"] == "0000-00-00" || $_POST["hospitalization_date_from"] == "") { $_POST["is_hospitalized"] = "0"; $_POST["hospitalization_date_to"] = ""; } else { $_POST["is_hospitalized"] = "1"; } $id = formData('id', 'G') + 0; $sets = "pid = {$_SESSION["pid"]},\n groupname = '" . $_SESSION["authProvider"] . "',\n user = '******',\n authorized = {$userauthorized}, activity=1, date = NOW(),\n employment_related = '" . formData("employment_related") . "',\n auto_accident = '" . formData("auto_accident") . "',\n accident_state = '" . formData("accident_state") . "',\n other_accident = '" . formData("other_accident") . "',\n outside_lab = '" . formData("outside_lab") . "',\n medicaid_referral_code = '" . formData("medicaid_referral_code") . "',\n epsdt_flag = '" . formData("epsdt_flag") . "',\n provider_id = '" . formData("provider_id") . "',\n provider_qualifier_code = '" . formData("provider_qualifier_code") . "',\n lab_amount = '" . formData("lab_amount") . "',\n is_unable_to_work = '" . formData("is_unable_to_work") . "',\n date_initial_treatment = '" . formData("date_initial_treatment") . "',\n off_work_from = '" . formData("off_work_from") . "',\n off_work_to = '" . formData("off_work_to") . "',\n is_hospitalized = '" . formData("is_hospitalized") . "',\n hospitalization_date_from = '" . formData("hospitalization_date_from") . "',\n hospitalization_date_to = '" . formData("hospitalization_date_to") . "',\n medicaid_resubmission_code = '" . formData("medicaid_resubmission_code") . "',\n medicaid_original_reference = '" . formData("medicaid_original_reference") . "',\n prior_auth_number = '" . formData("prior_auth_number") . "',\n replacement_claim = '" . formData("replacement_claim") . "',\n icn_resubmission_number = '" . formData("icn_resubmission_number") . "',\n box_14_date_qual = '" . formData("box_14_date_qual") . "',\n box_15_date_qual = '" . formData("box_15_date_qual") . "',\n comments = '" . formData("comments") . "'"; if (empty($id)) { $newid = sqlInsert("INSERT INTO form_misc_billing_options SET {$sets}"); addForm($encounter, "Misc Billing Options", $newid, "misc_billing_options", $pid, $userauthorized); } else { sqlStatement("UPDATE form_misc_billing_options SET {$sets} WHERE id = {$id}"); } formHeader("Redirecting...."); formJump(); formFooter();
function AjaxDropDownCode() { if ($_REQUEST["ajax_mode"] == "set") { $CountIndex = 1; $StringForAjax = "<div id='AjaxContainerInsurance'><table width='552' border='1' cellspacing='0' cellpadding='0'>\n\t <tr class='text' bgcolor='#dddddd'>\n\t\t<td width='50'>" . htmlspecialchars(xl('Code'), ENT_QUOTES) . "</td>\n\t\t<td width='300'>" . htmlspecialchars(xl('Name'), ENT_QUOTES) . "</td>\n\t <td width='200'>" . htmlspecialchars(xl('Address'), ENT_QUOTES) . "</td>\n\t </tr>" . "<tr class='text' height='20' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});PlaceValues(event,' ','')\" onclick=\"PutTheValuesClick(' ','')\">\n\t\t\t<td colspan='3' align='center'><a id='anchor_insurance_code_{$CountIndex}' href='#'></a></td>\n\t </tr>"; $insurance_text_ajax = formData('insurance_text_ajax', '', true); $res = sqlStatement("SELECT insurance_companies.id,name,city,state,country FROM insurance_companies\n\t\t\tleft join addresses on insurance_companies.id=addresses.foreign_id where name like '{$insurance_text_ajax}%' or insurance_companies.id like '{$insurance_text_ajax}%' ORDER BY name"); while ($row = sqlFetchArray($res)) { if ($CountIndex % 2 == 1) { $bgcolor = '#ddddff'; } else { $bgcolor = '#ffdddd'; } $CountIndex++; $Id = $row['id']; $Name = $row['name']; $City = $row['city']; $State = $row['state']; $Country = $row['country']; $Address = $City . ', ' . $State . ', ' . $Country; $StringForAjax .= "<tr class='text' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t\tonkeydown='ProcessKeyForColoring(event,{$CountIndex});PlaceValues(event,\"" . htmlspecialchars($Id, ENT_QUOTES) . "\",\"" . htmlspecialchars($Name, ENT_QUOTES) . "\")'\n\t\t\t onclick='PutTheValuesClick(\"" . htmlspecialchars($Id, ENT_QUOTES) . "\",\"" . htmlspecialchars($Name, ENT_QUOTES) . "\")'>\n\t\t\t<td><a id='anchor_insurance_code_{$CountIndex}' href='#'>" . htmlspecialchars($Id) . "</a></td>\n\t\t\t<td><a href='#'>" . htmlspecialchars($Name) . "</a></td>\n\t\t <td><a href='#'>" . htmlspecialchars($Address) . "</a></td>\n</tr>"; } $StringForAjax .= "</table></div>"; echo strlen($_REQUEST['insurance_text_ajax']) . '~`~`' . $StringForAjax; die; } //=============================================================================== if ($_REQUEST["ajax_mode"] == "set_patient") { //From 2 areas this ajax is called.So 2 pairs of functions are used. //PlaceValues==>Used while -->KEY PRESS<-- over list.List vanishes and the clicked one gets listed in the parent page's text box. //PutTheValuesClick==>Used while -->CLICK<-- over list.List vanishes and the clicked one gets listed in the parent page's text box. //PlaceValuesDistribute==>Used while -->KEY PRESS<-- over list.List vanishes and the clicked one gets listed in the parent page's text box. //PutTheValuesClickDistribute==>Used while -->CLICK<-- over list.List vanishes and the clicked one gets listed in the parent page's text box. if (isset($_REQUEST['patient_code']) && $_REQUEST['patient_code'] != '') { $patient_code = formData('patient_code', '', true); if (isset($_REQUEST['submit_or_simple_type']) && $_REQUEST['submit_or_simple_type'] == 'Simple') { $StringToAppend = "PutTheValuesClickPatient"; $StringToAppend2 = "PlaceValuesPatient"; } else { $StringToAppend = "PutTheValuesClickDistribute"; $StringToAppend2 = "PlaceValuesDistribute"; } $patient_code_complete = $_REQUEST['patient_code']; //we need the spaces here } elseif (isset($_REQUEST['insurance_text_ajax']) && $_REQUEST['insurance_text_ajax'] != '') { $patient_code = formData('insurance_text_ajax', '', true); $StringToAppend = "PutTheValuesClick"; $StringToAppend2 = "PlaceValues"; $patient_code_complete = $_REQUEST['insurance_text_ajax']; //we need the spaces here } $CountIndex = 1; $StringForAjax = "<div id='AjaxContainerPatient'><table width='452' border='1' cellspacing='0' cellpadding='0'>\n\t <tr class='text' bgcolor='#dddddd'>\n\t\t<td width='50'>" . htmlspecialchars(xl('Code'), ENT_QUOTES) . "</td>\n\t\t<td width='100'>" . htmlspecialchars(xl('Last Name'), ENT_QUOTES) . "</td>\n\t <td width='100'>" . htmlspecialchars(xl('First Name'), ENT_QUOTES) . "</td>\n\t <td width='100'>" . htmlspecialchars(xl('Middle Name'), ENT_QUOTES) . "</td>\n\t <td width='100'>" . htmlspecialchars(xl('Date of Birth'), ENT_QUOTES) . "</td>\n\t </tr>" . "<tr class='text' height='20' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,' ','')\" onclick=\"{$StringToAppend}(' ','')\">\n\t\t\t<td colspan='5' align='center'><a id='anchor_insurance_code_{$CountIndex}' href='#'></a></td>\n\t </tr>\n\n\t "; $res = sqlStatement("SELECT pid as id,fname,lname,mname,DOB FROM patient_data\n\t\t\t where fname like '{$patient_code}%' or lname like '{$patient_code}%' or mname like '{$patient_code}%' or \n\t\t\t CONCAT(lname,' ',fname,' ',mname) like '{$patient_code}%' or pid like '{$patient_code}%' ORDER BY lname"); while ($row = sqlFetchArray($res)) { if ($CountIndex % 2 == 1) { $bgcolor = '#ddddff'; } else { $bgcolor = '#ffdddd'; } $CountIndex++; $Id = $row['id']; $fname = $row['fname']; $lname = $row['lname']; $mname = $row['mname']; $Name = $lname . ' ' . $fname . ' ' . $mname; $DOB = oeFormatShortDate($row['DOB']); $StringForAjax .= "<tr class='text' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t\t onkeydown='ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,\"" . htmlspecialchars($Id, ENT_QUOTES) . "\",\"" . htmlspecialchars($Name, ENT_QUOTES) . "\")' onclick=\"{$StringToAppend}('" . addslashes($Id) . "','" . htmlspecialchars(addslashes($Name), ENT_QUOTES) . "')\">\n\t\t\t<td><a id='anchor_insurance_code_{$CountIndex}' href='#' >" . htmlspecialchars($Id) . "</a></td>\n\t\t\t<td><a href='#'>" . htmlspecialchars($lname) . "</a></td>\n\t\t <td><a href='#'>" . htmlspecialchars($fname) . "</a></td>\n <td><a href='#'>" . htmlspecialchars($mname) . "</a></td>\n <td><a href='#'>" . htmlspecialchars($DOB) . "</a></td>\n </tr>"; } $StringForAjax .= "</table></div>"; echo strlen($patient_code_complete) . '~`~`' . $StringForAjax; die; } //=============================================================================== if ($_REQUEST["ajax_mode"] == "encounter") { //PlaceValuesEncounter==>Used while -->KEY PRESS<-- over list.List vanishes and the clicked one gets listed in the parent page's text box. //PutTheValuesClickEncounter==>Used while -->CLICK<-- over list.List vanishes and the clicked one gets listed in the parent page's text box. if (isset($_REQUEST['encounter_patient_code'])) { $patient_code = formData('encounter_patient_code', '', true); $StringToAppend = "PutTheValuesClickEncounter"; $StringToAppend2 = "PlaceValuesEncounter"; } $CountIndex = 1; $StringForAjax = "<div id='AjaxContainerEncounter'><table width='202' border='1' cellspacing='0' cellpadding='0'>\n\t <tr class='text' bgcolor='#dddddd'>\n\t\t<td width='100'>" . htmlspecialchars(xl('Encounter'), ENT_QUOTES) . "</td>\n\t\t<td width='100'>" . htmlspecialchars(xl('Date'), ENT_QUOTES) . "</td>\n\t </tr>" . "<tr class='text' height='20' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,' ','')\" onclick=\"{$StringToAppend}(' ','')\">\n\t\t\t<td colspan='2' align='center'><a id='anchor_insurance_code_{$CountIndex}' href='#'></a></td>\n\t </tr>\n\n\t "; $res = sqlStatement("SELECT date,encounter FROM form_encounter\n\t\t\t where pid ='{$patient_code}' ORDER BY encounter"); while ($row = sqlFetchArray($res)) { if ($CountIndex % 2 == 1) { $bgcolor = '#ddddff'; } else { $bgcolor = '#ffdddd'; } $CountIndex++; $Date = $row['date']; $Date = split(' ', $Date); $Date = oeFormatShortDate($Date[0]); $Encounter = $row['encounter']; $StringForAjax .= "<tr class='text' bgcolor='{$bgcolor}' id=\"tr_insurance_{$CountIndex}\"\n\t\t onkeydown=\"ProcessKeyForColoring(event,{$CountIndex});{$StringToAppend2}(event,'" . htmlspecialchars($Encounter, ENT_QUOTES) . "','" . htmlspecialchars($Date, ENT_QUOTES) . "')\" onclick=\"{$StringToAppend}('" . htmlspecialchars($Encounter, ENT_QUOTES) . "','" . htmlspecialchars($Date, ENT_QUOTES) . "')\">\n\t\t\t<td><a id='anchor_insurance_code_{$CountIndex}' href='#' >" . htmlspecialchars($Encounter) . "</a></td>\n\t\t\t<td><a href='#'>" . htmlspecialchars($Date) . "</a></td>\n </tr>"; } $StringForAjax .= "</table></div>"; echo $StringForAjax; die; } }
<td width="45" align="left" class="text"> <?php echo htmlspecialchars(xl('Patient'), ENT_QUOTES) . ':'; ?> </td> <td width="265"><input type="hidden" id="hidden_ajax_patient_close_value" value="<?php echo $Message == '' ? htmlspecialchars($NameNew) : ''; ?> " /> <input name='patient_code' style="width:265px" id='patient_code' class="text" onKeyDown="PreventIt(event)" value="<?php echo $Message == '' ? htmlspecialchars($NameNew) : ''; ?> " autocomplete="off" /></td> <!--onKeyUp="ajaxFunction(event,'patient','edit_payment.php');" --> <td width="55" colspan="2" style="padding-left:5px;" ><div class="text" name="patient_name" id="patient_name" style="border:1px solid black; ; padding-left:5px; width:55px; height:17px;"><?php echo $Message == '' ? htmlspecialchars(formData('hidden_patient_code')) : ''; ?> </div> </td> <td width="84" class="text"> <input type="radio" name="RadioPaid" onClick="SearchOnceMore()" <?php echo $_REQUEST['RadioPaid'] == 'Non_Paid' || $_REQUEST['RadioPaid'] == '' ? 'checked' : ''; ?> value="Non_Paid" id="Non_Paid" /><?php echo htmlspecialchars(xl('Non Paid'), ENT_QUOTES); ?> </td> <td width="168" class="text"><input type="radio" name="RadioPaid" onClick="SearchOnceMore()" <?php echo $_REQUEST['RadioPaid'] == 'Show_Primary_Complete' ? 'checked' : ''; ?> value="Show_Primary_Complete"
require_once "{$srcdir}/forms.inc"; require_once "{$srcdir}/sql.inc"; require_once "{$srcdir}/encounter.inc"; require_once "{$srcdir}/acl.inc"; require_once "{$srcdir}/formatting.inc.php"; require_once "{$srcdir}/formdata.inc.php"; $conn = $GLOBALS['adodb']['db']; $date = formData('form_date'); $onset_date = formData('form_onset_date'); $sensitivity = formData('form_sensitivity'); $pc_catid = formData('pc_catid'); $facility_id = formData('facility_id'); $billing_facility = formData('billing_facility'); $reason = formData('reason'); $mode = formData('mode'); $referral_source = formData('form_referral_source'); $facilityresult = sqlQuery("select name FROM facility WHERE id = {$facility_id}"); $facility = $facilityresult['name']; if ($GLOBALS['concurrent_layout']) { $normalurl = "patient_file/encounter/encounter_top.php"; } else { $normalurl = "{$rootdir}/patient_file/encounter/patient_encounter.php"; } $nexturl = $normalurl; if ($mode == 'new') { $provider_id = $userauthorized ? $_SESSION['authUserID'] : 0; $encounter = $conn->GenID("sequences"); addForm($encounter, "New Patient Encounter", sqlInsert("INSERT INTO form_encounter SET " . "date = '{$date}', " . "onset_date = '{$onset_date}', " . "reason = '{$reason}', " . "facility = '{$facility}', " . "pc_catid = '{$pc_catid}', " . "facility_id = '{$facility_id}', " . "billing_facility = '{$billing_facility}', " . "sensitivity = '{$sensitivity}', " . "referral_source = '{$referral_source}', " . "pid = '{$pid}', " . "encounter = '{$encounter}', " . "provider_id = '{$provider_id}'"), "newpatient", $pid, $userauthorized, $date); } else { if ($mode == 'update') { $id = $_POST["id"];
<tr> <td><a href="#" onClick="javascript:return Validate();" class="css_button"><span><?php echo htmlspecialchars(xl('Process ERA File'), ENT_QUOTES); ?> </span></a></td> </tr> </table></td> </tr> <tr height="5"> <td align="left" ></td> <td colspan="3" align="left" ></td> </tr> </table> </td></tr> </table> </td> </tr> </table> <input type="hidden" name="after_value" id="after_value" value="<?php echo htmlspecialchars($alertmsg, ENT_QUOTES); ?> "/> <input type="hidden" name="hidden_type_code" id="hidden_type_code" value="<?php echo formData('hidden_type_code'); ?> "/> <input type='hidden' name='ajax_mode' id='ajax_mode' value='' /> </form> </body> </html>
} else { break; } } //========= //INSERTION of new entries,continuation of modification. //========= for ($CountRow = $CountIndexAbove + 1; $CountRow <= $CountIndexAbove + $CountIndexBelow; $CountRow++) { if (isset($_POST["HiddenEncounter{$CountRow}"])) { DistributionInsert($CountRow, $created_time, $user_id); } else { break; } } if ($_REQUEST['global_amount'] == 'yes') { sqlStatement("update ar_session set global_amount=" . trim(formData("HidUnappliedAmount")) * 1 . " where session_id ='{$payment_id}'"); } if ($_POST["mode"] == "FinishPayments") { $Message = 'Finish'; } $_POST["mode"] = "searchdatabase"; $Message = 'Modify'; } } //============================================================================== //Search Code //=============================================================================== $payment_id = $payment_id * 1 > 0 ? $payment_id : $_REQUEST['payment_id']; $ResultSearchSub = sqlStatement("SELECT distinct encounter,code_type,code,modifier, pid from ar_activity where session_id ='{$payment_id}' order by pid,encounter,code,modifier"); //============================================================================== $DateFormat = DateFormatRead();
$sigline['embossed'] = "<div class='signature'>" . " _____________________________________________________<br/>" . "Signature" . "</div>\n"; $sigline['signed'] = "<div class='sig'>" . "<img src='./sig.jpg'>" . "</div>\n"; $query = sqlStatement("select fname,lname,street,city,state,postal_code,phone_home,DATE_FORMAT(DOB,'%m/%d/%y') as DOB from patient_data where pid =" . $_SESSION['pid']); if ($result = mysql_fetch_array($query, MYSQL_ASSOC)) { $patient_name = $result['fname'] . ' ' . $result['lname']; $patient_address = $result['street']; $patient_city = $result['city']; $patient_state = $result['state']; $patient_zip = $result['postal_code']; $patient_phone = $result['phone_home']; $patient_dob = $result['DOB']; } //update user information if selected from form if ($_POST['update']) { // OPTION update practice inf $query = "update users set " . "fname = '" . formData('practice_fname') . "', " . "lname = '" . formData('practice_lname') . "', " . "title = '" . formData('practice_title') . "', " . "street = '" . formData('practice_address') . "', " . "city = '" . formData('practice_city') . "', " . "state = '" . formData('practice_state') . "', " . "zip = '" . formData('practice_zip') . "', " . "phone = '" . formData('practice_phone') . "', " . "fax = '" . formData('practice_fax') . "', " . "federaldrugid = '" . formData('practice_dea') . "' " . "where id =" . $_SESSION['authUserID']; sqlInsert($query); } //get user information $query = sqlStatement("select * from users where id =" . $_SESSION['authUserID']); if ($result = mysql_fetch_array($query, MYSQL_ASSOC)) { $physician_name = $result['fname'] . ' ' . $result['lname'] . ', ' . $result['title']; $practice_fname = $result['fname']; $practice_lname = $result['lname']; $practice_title = $result['title']; $practice_address = $result['street']; $practice_city = $result['city']; $practice_state = $result['state']; $practice_zip = $result['zip']; $practice_phone = $result['phone']; $practice_fax = $result['fax'];
function DistributionInsert($CountRow, $created_time, $user_id) { //Function inserts the distribution.Payment,Adjustment,Deductable,Takeback & Follow up reasons are inserted as seperate rows. //It automatically pushes to next insurance for billing. //In the screen a drop down of Ins1,Ins2,Ins3,Pat are given.The posting can be done for any level. $Affected = 'no'; if (isset($_POST["Payment{$CountRow}"]) && $_POST["Payment{$CountRow}"] * 1 > 0) { if (trim(formData('type_name')) == 'insurance') { if (trim(formData("HiddenIns{$CountRow}")) == 1) { $AccountCode = "IPP"; } if (trim(formData("HiddenIns{$CountRow}")) == 2) { $AccountCode = "ISP"; } if (trim(formData("HiddenIns{$CountRow}")) == 3) { $AccountCode = "ITP"; } } elseif (trim(formData('type_name')) == 'patient') { $AccountCode = "PP"; } sqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . trim(formData("Payment{$CountRow}")) . "', adj_amount = '" . 0 . "', account_code = '" . "{$AccountCode}" . "'"); $Affected = 'yes'; } if (isset($_POST["AdjAmount{$CountRow}"]) && $_POST["AdjAmount{$CountRow}"] * 1 != 0) { if (trim(formData('type_name')) == 'insurance') { $AdjustString = "Ins adjust Ins" . trim(formData("HiddenIns{$CountRow}")); $AccountCode = "IA"; } elseif (trim(formData('type_name')) == 'patient') { $AdjustString = "Pt adjust"; $AccountCode = "PA"; } idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . 0 . "', adj_amount = '" . trim(formData("AdjAmount{$CountRow}")) . "', memo = '" . "{$AdjustString}" . "', account_code = '" . "{$AccountCode}" . "'"); $Affected = 'yes'; } if (isset($_POST["Deductible{$CountRow}"]) && $_POST["Deductible{$CountRow}"] * 1 > 0) { idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . 0 . "', adj_amount = '" . 0 . "', memo = '" . "Deductable \$" . trim(formData("Deductible{$CountRow}")) . "', account_code = '" . "Deduct" . "'"); $Affected = 'yes'; } if (isset($_POST["Takeback{$CountRow}"]) && $_POST["Takeback{$CountRow}"] * 1 > 0) { idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . trim(formData("Takeback{$CountRow}")) * -1 . "', adj_amount = '" . 0 . "', account_code = '" . "Takeback" . "'"); $Affected = 'yes'; } if (isset($_POST["FollowUp{$CountRow}"]) && $_POST["FollowUp{$CountRow}"] == 'y') { idSqlStatement("insert into ar_activity set " . "pid = '" . trim(formData('hidden_patient_code')) . "', encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "', code = '" . trim(formData("HiddenCode{$CountRow}")) . "', modifier = '" . trim(formData("HiddenModifier{$CountRow}")) . "', payer_type = '" . trim(formData("HiddenIns{$CountRow}")) . "', post_time = '" . trim($created_time) . "', post_user = '******', session_id = '" . trim(formData('payment_id')) . "', modified_time = '" . trim($created_time) . "', pay_amount = '" . 0 . "', adj_amount = '" . 0 . "', follow_up = '" . "y" . "', follow_up_note = '" . trim(formData("FollowUpReason{$CountRow}")) . "'"); $Affected = 'yes'; } if ($Affected == 'yes') { if (trim(formData('type_name')) != 'patient') { $ferow = sqlQuery("select last_level_closed from form_encounter where \n\t\tpid ='" . trim(formData('hidden_patient_code')) . "' and encounter='" . trim(formData("HiddenEncounter{$CountRow}")) . "'"); //multiple charges can come. if ($ferow['last_level_closed'] < trim(formData("HiddenIns{$CountRow}"))) { sqlStatement("update form_encounter set last_level_closed='" . trim(formData("HiddenIns{$CountRow}")) . "' where \n\t\t\tpid ='" . trim(formData('hidden_patient_code')) . "' and encounter='" . trim(formData("HiddenEncounter{$CountRow}")) . "'"); //last_level_closed gets increased. //----------------------------------- // Determine the next insurance level to be billed. $ferow = sqlQuery("SELECT date, last_level_closed " . "FROM form_encounter WHERE " . "pid = '" . trim(formData('hidden_patient_code')) . "' AND encounter = '" . trim(formData("HiddenEncounter{$CountRow}")) . "'"); $date_of_service = substr($ferow['date'], 0, 10); $new_payer_type = 0 + $ferow['last_level_closed']; if ($new_payer_type <= 3 && !empty($ferow['last_level_closed']) || $new_payer_type == 0) { ++$new_payer_type; } $new_payer_id = arGetPayerID(trim(formData('hidden_patient_code')), $date_of_service, $new_payer_type); if ($new_payer_id > 0) { arSetupSecondary(trim(formData('hidden_patient_code')), trim(formData("HiddenEncounter{$CountRow}")), 0); } //----------------------------------- } } } }
echo $form_review; ?> ' onsubmit='return validate(this)'> <table> <tr> <td class='text'> <?php if ($form_batch) { $form_from_date = formData('form_from_date', 'P', true); $form_to_date = formData('form_to_date', 'P', true); if (empty($form_to_date)) { $form_to_date = $form_from_date; } $form_proc_type = formData('form_proc_type') + 0; if (!$form_proc_type) { $form_proc_type = -1; } $form_proc_type_desc = ''; if ($form_proc_type > 0) { $ptrow = sqlQuery("SELECT name FROM procedure_type WHERE " . "procedure_type_id = '{$form_proc_type}'"); $form_proc_type_desc = $ptrow['name']; } ?> <?php xl('Procedure', 'e'); ?> : <input type='text' size='30' name='form_proc_type_desc' value='<?php
$res = SqlStatement($sql, array($key)); $row = SqlFetchArray($res); insert_language_log($row['lang_description'], $row['lang_code'], $row['constant_name'], $value); $go = 'yes'; } } } if ($go == 'yes') { echo htmlspecialchars(xl("New Definition set added"), ENT_NOQUOTES); } } if ($_POST['edit']) { if ($_POST['language_select'] == '') { exit(htmlspecialchars(xl("Please select a language"), ENT_NOQUOTES)); } $lang_id = (int) formData('language_select'); $lang_filter = isset($_POST['filter_cons']) ? $_POST['filter_cons'] : ''; $lang_filter .= '%'; $lang_filter_def = isset($_POST['filter_def']) ? $_POST['filter_def'] : ''; $lang_filter_def .= '%'; $bind_sql_array = array(); array_push($bind_sql_array, $lang_filter); $sql = "SELECT lc.cons_id, lc.constant_name, ld.def_id, ld.definition, ld.lang_id " . "FROM lang_definitions AS ld " . "RIGHT JOIN ( lang_constants AS lc, lang_languages AS ll ) ON " . "( lc.cons_id = ld.cons_id AND ll.lang_id = ld.lang_id ) " . "WHERE lc.constant_name " . $case_insensitive_collation . " LIKE ? AND ( ll.lang_id = 1 "; if ($lang_id != 1) { array_push($bind_sql_array, $lang_id); $sql .= "OR ll.lang_id=? "; $what = "SELECT * from lang_languages where lang_id=? LIMIT 1"; $res = SqlStatement($what, array($lang_id)); $row = SqlFetchArray($res); $lang_name = $row['lang_description']; }
if ($check_sum) { ?> <th id="sortby_checksum" class="text" title="<?php xl('Sort by Checksum', 'e'); ?> "><?php xl('Checksum', 'e'); ?> </th> <?php } ?> </tr> <?php $eventname = formData('eventname', 'G'); $type_event = formData('type_event', 'G'); ?> <input type=hidden name=event value=<?php echo $eventname . "-" . $type_event; ?> > <?php $tevent = ""; $gev = ""; if ($eventname != "" && $type_event != "") { $getevent = $eventname . "-" . $type_event; } if ($eventname == "" && $type_event != "") { $tevent = $type_event; } else { if ($type_event == "" && $eventname != "") {
<?php // Copyright (C) 2008 Jason Morrill <*****@*****.**> // // This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; either version 2 // of the License, or (at your option) any later version. // // This file use is used specifically to look up drug names when // writing a prescription. See the file: // templates/prescriptions/general_edit.html // for additional information // // Important - Ensure that display_errors=Off in php.ini settings. // include_once "../../interface/globals.php"; include_once "{$GLOBALS['srcdir']}/sql.inc"; include_once "{$GLOBALS['srcdir']}/formdata.inc.php"; $q = formData("q", "G", true); if (!$q) { return; } $limit = $_GET['limit']; $sql = "select drug_id, name from drugs where " . " name like ('" . $q . "%')" . " order by name " . " limit " . $limit; $rez = sqlStatement($sql); while ($row = sqlFetchArray($rez)) { echo $row['name'] . "|" . $row['drug_id'] . "\n"; }
} else { if ($_POST["mode"] == "new_group") { $res = sqlStatement("select distinct name, user from groups"); for ($iter = 0; $row = sqlFetchArray($res); $iter++) { $result[$iter] = $row; } $doit = 1; foreach ($result as $iter) { if ($doit == 1 && $iter["name"] == trim(formData('groupname')) && $iter["user"] == trim(formData('rumple'))) { $doit--; } } if ($doit == 1) { sqlStatement("insert into groups set name = '" . trim(formData('groupname')) . "', user = '******'rumple')) . "'"); } else { $alertmsg .= "User " . trim(formData('rumple')) . " is already a member of group " . trim(formData('groupname')) . ". "; } } } } if (isset($_GET["mode"])) { /******************************************************************* // This is the code to delete a user. Note that the link which invokes // this is commented out. Somebody must have figured it was too dangerous. // if ($_GET["mode"] == "delete") { $res = sqlStatement("select distinct username, id from users where id = '" . $_GET["id"] . "'"); for ($iter = 0; $row = sqlFetchArray($res); $iter++) $result[$iter] = $row;
if ($_GET["ssi_relayhealth"]) { $tqvar = formData('ssi_relayhealth', 'G'); sqlStatement("update users set ssi_relayhealth = '{$tqvar}' where id = {$_GET["id"]}"); } $tqvar = $_GET["authorized"] ? 1 : 0; $actvar = $_GET["active"] ? 1 : 0; $calvar = $_GET["calendar"] ? 1 : 0; sqlStatement("UPDATE users SET authorized = {$tqvar}, active = {$actvar}, " . "calendar = {$calvar}, see_auth = '" . $_GET['see_auth'] . "' WHERE " . "id = {$_GET["id"]}"); if ($_GET["comments"]) { $tqvar = formData('comments', 'G'); sqlStatement("update users set info = '{$tqvar}' where id = {$_GET["id"]}"); } if (isset($phpgacl_location) && acl_check('admin', 'acl')) { // Set the access control group of user $user_data = mysql_fetch_array(sqlStatement("select username from users where id={$_GET["id"]}")); set_user_aro($_GET['access_group'], $user_data["username"], formData('fname', 'G'), formData('mname', 'G'), formData('lname', 'G')); } $ws = new WSProvider($_GET['id']); /*Dont move usergroup_admin (1).php just close window // On a successful update, return to the users list. include("usergroup_admin.php"); exit(0); */ echo ' <script type="text/javascript"> <!-- parent.$.fn.fancybox.close(); //--> </script> ';
} else { $where .= " AND {$field_id} LIKE '{$value}%'"; } } echo "<input type='hidden' name='{$field_id}' value='{$value}' />\n"; } } $sql = "SELECT {$given} FROM patient_data " . "WHERE {$where} ORDER BY {$orderby} LIMIT {$fstart}, {$sqllimit}"; $rez = sqlStatement($sql); $result = array(); while ($row = sqlFetchArray($rez)) { $result[] = $row; } _set_patient_inc_count($sqllimit, count($result), $where); } else { $patient = formData("patient", "R"); $findBy = $_REQUEST['findBy']; $searchFields = $_REQUEST['searchFields']; echo "<input type='hidden' name='patient' value='{$patient}' />\n"; echo "<input type='hidden' name='findBy' value='{$findBy}' />\n"; if ($findBy == "Last") { $result = getPatientLnames("{$patient}", $given, $orderby, $sqllimit, $fstart); } else { if ($findBy == "ID") { $result = getPatientId("{$patient}", $given, "id ASC, " . $orderby, $sqllimit, $fstart); } else { if ($findBy == "DOB") { $result = getPatientDOB("{$patient}", $given, "DOB ASC, " . $orderby, $sqllimit, $fstart); } else { if ($findBy == "SSN") { $result = getPatientSSN("{$patient}", $given, "ss ASC, " . $orderby, $sqllimit, $fstart);
$newdata[$tblname][$colname] = $value; } updatePatientData($pid, $newdata['patient_data'], true); updateEmployerData($pid, $newdata['employer_data'], true); $i1dob = fixDate(formData("i1subscriber_DOB")); $i1date = fixDate(formData("i1effective_date")); // sqlStatement("unlock tables"); // end table lock newHistoryData($pid); newInsuranceData($pid, "primary", formData("i1provider"), formData("i1policy_number"), formData("i1group_number"), formData("i1plan_name"), formData("i1subscriber_lname"), formData("i1subscriber_mname"), formData("i1subscriber_fname"), formData("form_i1subscriber_relationship"), formData("i1subscriber_ss"), $i1dob, formData("i1subscriber_street"), formData("i1subscriber_postal_code"), formData("i1subscriber_city"), formData("form_i1subscriber_state"), formData("form_i1subscriber_country"), formData("i1subscriber_phone"), formData("i1subscriber_employer"), formData("i1subscriber_employer_street"), formData("i1subscriber_employer_city"), formData("i1subscriber_employer_postal_code"), formData("form_i1subscriber_employer_state"), formData("form_i1subscriber_employer_country"), formData('i1copay'), formData('form_i1subscriber_sex'), $i1date, formData('i1accept_assignment')); $i2dob = fixDate(formData("i2subscriber_DOB")); $i2date = fixDate(formData("i2effective_date")); newInsuranceData($pid, "secondary", formData("i2provider"), formData("i2policy_number"), formData("i2group_number"), formData("i2plan_name"), formData("i2subscriber_lname"), formData("i2subscriber_mname"), formData("i2subscriber_fname"), formData("form_i2subscriber_relationship"), formData("i2subscriber_ss"), $i2dob, formData("i2subscriber_street"), formData("i2subscriber_postal_code"), formData("i2subscriber_city"), formData("form_i2subscriber_state"), formData("form_i2subscriber_country"), formData("i2subscriber_phone"), formData("i2subscriber_employer"), formData("i2subscriber_employer_street"), formData("i2subscriber_employer_city"), formData("i2subscriber_employer_postal_code"), formData("form_i2subscriber_employer_state"), formData("form_i2subscriber_employer_country"), formData('i2copay'), formData('form_i2subscriber_sex'), $i2date, formData('i2accept_assignment')); $i3dob = fixDate(formData("i3subscriber_DOB")); $i3date = fixDate(formData("i3effective_date")); newInsuranceData($pid, "tertiary", formData("i3provider"), formData("i3policy_number"), formData("i3group_number"), formData("i3plan_name"), formData("i3subscriber_lname"), formData("i3subscriber_mname"), formData("i3subscriber_fname"), formData("form_i3subscriber_relationship"), formData("i3subscriber_ss"), $i3dob, formData("i3subscriber_street"), formData("i3subscriber_postal_code"), formData("i3subscriber_city"), formData("form_i3subscriber_state"), formData("form_i3subscriber_country"), formData("i3subscriber_phone"), formData("i3subscriber_employer"), formData("i3subscriber_employer_street"), formData("i3subscriber_employer_city"), formData("i3subscriber_employer_postal_code"), formData("form_i3subscriber_employer_state"), formData("form_i3subscriber_employer_country"), formData('i3copay'), formData('form_i3subscriber_sex'), $i3date, formData('i3accept_assignment')); ?> <html> <body> <script language="Javascript"> <?php if ($alertmsg) { echo "alert('{$alertmsg}');\n"; } echo "window.location='{$rootdir}/patient_file/summary/demographics.php?" . "set_pid={$pid}&is_new=1';\n"; ?> </script> </body> </html>
function invalue($name) { $fld = formData($name, "P", true); return "'{$fld}'"; }
<?php require_once "../globals.php"; require_once "../../library/acl.inc"; require_once "{$srcdir}/sql.inc"; require_once "{$srcdir}/formdata.inc.php"; $alertmsg = ''; /* Inserting New facility */ if (isset($_POST["mode"]) && $_POST["mode"] == "facility" && $_POST["newmode"] != "admin_facility") { $insert_id = sqlInsert("INSERT INTO facility SET " . "name = '" . trim(formData('facility')) . "', " . "phone = '" . trim(formData('phone')) . "', " . "fax = '" . trim(formData('fax')) . "', " . "street = '" . trim(formData('street')) . "', " . "city = '" . trim(formData('city')) . "', " . "state = '" . trim(formData('state')) . "', " . "postal_code = '" . trim(formData('postal_code')) . "', " . "country_code = '" . trim(formData('country_code')) . "', " . "federal_ein = '" . trim(formData('federal_ein')) . "', " . "website = '" . trim(formData('website')) . "', " . "email = '" . trim(formData('email')) . "', " . "color = '" . trim(formData('ncolor')) . "', " . "service_location = '" . trim(formData('service_location')) . "', " . "billing_location = '" . trim(formData('billing_location')) . "', " . "accepts_assignment = '" . trim(formData('accepts_assignment')) . "', " . "pos_code = '" . trim(formData('pos_code')) . "', " . "domain_identifier = '" . trim(formData('domain_identifier')) . "', " . "attn = '" . trim(formData('attn')) . "', " . "tax_id_type = '" . trim(formData('tax_id_type')) . "', " . "primary_business_entity = '" . trim(formData('primary_business_entity')) . "', " . "facility_npi = '" . trim(formData('facility_npi')) . "'," . "facility_code = '" . trim(formData('facility_id')) . "'"); } /* Editing existing facility */ if ($_POST["mode"] == "facility" && $_POST["newmode"] == "admin_facility") { sqlStatement("update facility set\n\t\tname='" . trim(formData('facility')) . "',\n\t\tphone='" . trim(formData('phone')) . "',\n\t\tfax='" . trim(formData('fax')) . "',\n\t\tstreet='" . trim(formData('street')) . "',\n\t\tcity='" . trim(formData('city')) . "',\n\t\tstate='" . trim(formData('state')) . "',\n\t\tpostal_code='" . trim(formData('postal_code')) . "',\n\t\tcountry_code='" . trim(formData('country_code')) . "',\n\t\tfederal_ein='" . trim(formData('federal_ein')) . "',\n\t\twebsite='" . trim(formData('website')) . "',\n\t\temail='" . trim(formData('email')) . "',\n\t\tcolor='" . trim(formData('ncolor')) . "',\n\t\tservice_location='" . trim(formData('service_location')) . "',\n\t\tbilling_location='" . trim(formData('billing_location')) . "',\n\t\taccepts_assignment='" . trim(formData('accepts_assignment')) . "',\n\t\tpos_code='" . trim(formData('pos_code')) . "',\n\t\tdomain_identifier='" . trim(formData('domain_identifier')) . "',\n\t\tfacility_npi='" . trim(formData('facility_npi')) . "',\n\t\tattn='" . trim(formData('attn')) . "' ,\n\t\tprimary_business_entity='" . trim(formData('primary_business_entity')) . "' ,\n\t\ttax_id_type='" . trim(formData('tax_id_type')) . "' ,\n facility_code = '" . trim(formData('facility_id')) . "'\n\twhere id='" . trim(formData('fid')) . "'"); } ?> <html> <head> <link rel="stylesheet" href="<?php echo $css_header; ?> " type="text/css"> <link rel="stylesheet" type="text/css" href="<?php echo $GLOBALS['webroot']; ?> /library/js/fancybox/jquery.fancybox-1.2.6.css" media="screen" /> <script type="text/javascript" src="<?php echo $GLOBALS['webroot']; ?> /library/dialog.js"></script> <script type="text/javascript" src="<?php
?> </table> </td> </tr> <?php } //if ($_POST["mode"] == "SearchPayment") ?> </table> </td> </tr> </table> <input type='hidden' name='mode' id='mode' value='' /> <input type='hidden' name='ajax_mode' id='ajax_mode' value='' /> <input type="hidden" name="hidden_type_code" id="hidden_type_code" value="<?php echo htmlspecialchars(formData('hidden_type_code')); ?> "/> <input type='hidden' name='DeletePaymentId' id='DeletePaymentId' value='' /> <input type='hidden' name='SortFieldOld' id='SortFieldOld' value='<?php echo htmlspecialchars($PaymentSortBy); ?> ' /> <input type='hidden' name='Sort' id='Sort' value='<?php echo htmlspecialchars($Sort); ?> ' /> <input type="hidden" name="after_value" id="after_value" value="<?php echo htmlspecialchars($Message); ?> "/>
$msg = invoice_add_line_item($invoice_info, 'COPAY', $paydesc, $form_source, 0 - $amount); if ($msg) { die($msg); } } } if (!$INTEGRATED_AR) { $msg = invoice_post($invoice_info); if ($msg) { die($msg); } } // If applicable, set the invoice reference number. $invoice_refno = ''; if (isset($_POST['form_irnumber'])) { $invoice_refno = formData('form_irnumber', 'P', true); } else { $invoice_refno = add_escape_custom(updateInvoiceRefNumber()); } if ($invoice_refno) { sqlStatement("UPDATE form_encounter " . "SET invoice_refno = '{$invoice_refno}' " . "WHERE pid = '{$form_pid}' AND encounter = '{$form_encounter}'"); } generate_receipt($form_pid, $form_encounter); exit; } // If an encounter ID was given, then we must generate a receipt. // if (!empty($_GET['enc'])) { generate_receipt($pid, $_GET['enc']); exit; }